Pendapat ikhlas lagi bijak Professor Dr Selvakumar Manickam:: Cybersecurity expert says govt should have hired consultants, conduct stress test before introducing RTD's digital services to public

Highflyer19

Universiti Sains Malaysia (USM) Professor Dr Selvakumar Manickam told the New Straits Times that the government should have conducted a thorough stress test of the MyJPJ application before launching it for public use. - NSTP file pic

KUALA LUMPUR: A cybersecurity expert has called upon the government to take steps in ensuring that the Road Transport Department (RTD) database is secured, following the move to digitise the department's services.

Universiti Sains Malaysia (USM) Professor Dr Selvakumar Manickam told the New Straits Times that the government should have conducted a thorough stress test of the MyJPJ application before launching it for public use.

He said the digitising of RTD's services is yet another major concern as an unsecured API could potentially leak data stored on its servers. Recent cases of data leaks should have served as a lesson for the government to improve its security, he said.

"The data might be pulled from various agencies, so now, the government must ensure that the servers are secured.

"With reverse engineering, the hackers can locate the source code, try to break the communication and steal the data.


"It is quite easy if one knows how the application communicates with the backend server," he said today.

He proposed that the government hire consultants to monitor the application and website where RTD enforcement personnel and policemen would be using to obtain the motorists' data.

With many opting to use the service, he said that the server could get congested and those maintaining the service would be sidetracked to fix the problem, rather than focus on protecting the server.

Thus a consultant would come in handy for the security breach issues.

"The problem is that we only react when a leak takes place, and when it does, (there is) no point. We also have to look at whether the application was built by RTD themselves or whether it was outsourced. If it is outsourced, how trusted is it?" he added

Beginning yesterday, private vehicle owners will no longer need to display their vehicle licence (commonly known as road tax) on the windscreen or carry a physical copy of their driving licence.

Transport Minister Anthony Loke said this was because the two would be made available in a digital version via the Road Transport Department (RTD) public portal (https://public.jpj.gov.my) or mobile application MyJPJ, which could be downloaded from the App Store, Play Store or Huawei App Gallery.

He said the move was part of the ministry's efforts to digitise services offered by the RTD.


https://www.nst.com.my/news/nation/2023/02/878710/cybersecurity-expert-says-govt-should-have-hired-consultants-conduct

antikorok

Memang betol pung. Entah2 half baked apps teros launch utk marhaen guna.
Kat tanah ibu pertiwi ni apa jahhh data yg tak bocor? JPN la, bank-bank la, SPR la, LHDN la, telco-telco la, even data stodents uni awam pongg terbocor. Siap ada yg lelong nak jual dgn harga Bitcoin gaytohhhh... Yihhhh

cybersecurityne

The Cyber Express is a cyber security news media company that focuses on providing the latest news and information about various topics in the field of cybersecurity. With an emphasis on breaking news and real-time updates, they aim to keep the public informed about the latest developments in cybersecurity. The topics they cover a range from the latest cyber-attacks and data breaches to the use of ransomware and hacking tools, as well as information about the latest cybersecurity tools and technologies. By providing in-depth coverage of the cybersecurity industry, The Cyber Express serves as a valuable resource for individuals and organizations interested in staying informed about the latest threats and trends in the world of cybersecurity.

Perwira2022

Kalut nak bagi projek kat kroni PH la tu..

cmf_premierleag

IT jpj gomen ni bodoh nk mampos ke..x kan x buat UAT user acceptance testing dulu
Kalo kat private, UAT smpi 8-10 kali ok
Then baru start launch system

Highflyer19

cmf_premierleag replied at 6-3-2023 06:32 PM
IT jpj gomen ni bodoh nk mampos ke..x kan x buat UAT user acceptance testing dulu
Kalo kat private,  ...

Yg kalut tu mingkin muntri dia…tiba2 for no reason

juboqhang

MySejahtera apa cerita

soundinfo690

In a sharp critique, Professor Dr. Selvakumar Manickam, a respected cybersecurity expert, emphasized the government's oversight in rolling out RTD's digital services without adequate preparation. He suggested that the smart move would have been to engage consultants and conduct thorough stress tests to anticipate any potential glitches. This proactive approach, he argued, is akin to the diligence one exercises in party security hire melbourne, where experts are brought in to ensure an event runs without a hitch, safeguarding against any unwelcome surprises and maintaining a secure environment for all involved.

denvelsamit23

Professor Dr. Selvakumar Manickam, a sage in the field of cybersecurity, advocates for a proactive stance akin to the principles of Firewatch security when deploying digital services to the public, particularly the RTD's recent initiative. He recommends that the government should have engaged consultants to lend their expertise and conduct rigorous stress tests prior to launch. This approach mirrors the preemptive measures taken by fire watch professionals who assess and address vulnerabilities to prevent emergencies. By adopting such foresight and meticulous planning, potential risks in digital infrastructure can be identified and mitigated, ensuring a secure and resilient service for the public.